Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

VU#304725: Bluetooth implementations may not sufficiently validate elliptic curve parameters during Diffie-Hellman key exchange

Vulnerability Note VU#304725 Bluetooth implementations may not sufficiently validate elliptic curve parameters during Diffie-Hellman key exchange Original Release date: 23 Jul 2018 | Last revised: 17 Aug 2018 Overview Bluetooth...
Auteur: US Cert

VU#338343: strongSwan VPN charon server vulnerable to buffer underflow

Vulnerability Note VU#338343 strongSwan VPN charon server vulnerable to buffer underflow Original Release date: 23 May 2018 | Last revised: 13 Jun 2018 Overview strongSwan VPN's charon server prior to version 5.6.3 does not...
Auteur: US Cert

VU#180049: CPU hardware utilizing speculative execution may be vulnerable to cache side-channel attacks

Vulnerability Note VU#180049 CPU hardware utilizing speculative execution may be vulnerable to cache side-channel attacks Original Release date: 21 May 2018 | Last revised: 19 Jun 2018 Overview CPU hardware utilizing...
Auteur: US Cert

VU#122919: OpenPGP and S/MIME mail client vulnerabilities

Vulnerability Note VU#122919 OpenPGP and S/MIME mail client vulnerabilities Original Release date: 14 May 2018 | Last revised: 15 May 2018 Overview Mail clients may leak plaintext messages while decrypting OpenPGP and S/MIME...
Auteur: US Cert

VU#631579: Hardware debug exception documentation may result in unexpected behavior

Vulnerability Note VU#631579 Hardware debug exception documentation may result in unexpected behavior Original Release date: 08 May 2018 | Last revised: 06 Jun 2018 Overview In some circumstances, some operating systems or...
Auteur: US Cert

VU#283803: Integrated GPUs may allow side-channel and rowhammer attacks using WebGL ("Glitch")

Vulnerability Note VU#283803 Integrated GPUs may allow side-channel and rowhammer attacks using WebGL ("Glitch") Original Release date: 03 May 2018 | Last revised: 03 May 2018 Overview Some platforms with integrated GPUs, such...
Auteur: US Cert

VU#974272: Microsoft Outlook retrieves remote OLE content without prompting

Vulnerability Note VU#974272 Microsoft Outlook retrieves remote OLE content without prompting Original Release date: 10 Apr 2018 | Last revised: 10 Apr 2018 Overview When a Rich Text (RTF) email is previewed in Microsoft...
Auteur: US Cert
First18192021222324252627

Événements SSI